Patents by Inventor Jechun Chiu
Jechun Chiu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11005814Abstract: An example of a computing system is described herein. The computing system includes a plurality of network security devices. The computing system also includes a network switch configured to direct network traffic. The computing system further includes a controller coupled to the network switch. The controller is to instruct the network switch in directing network traffic to the plurality of network security devices.Type: GrantFiled: June 10, 2014Date of Patent: May 11, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Joseph A. Curcio, Jechun Chiu, Bruce E. Lavigne, Wei Lu, Shaun Wakumoto, Mauricio Sanchez, Matthew Laswell
-
Patent number: 10348684Abstract: Examples include a network device to filter a packet for a packet type. The network device includes a filter to receive the packet and to determine whether the packet is a defined packet type. The network device also includes a Bloom filter to receive the packet from the filter based on the determination that the packet is a defined packet type and to determine whether the packet is a matched packet or an unmatched packet. A processing resource of the network device may receive the packet from the Bloom filter based on the determination that the packet is a matched packet and to determine whether the packet is an exact match.Type: GrantFiled: September 1, 2016Date of Patent: July 9, 2019Assignee: Hewlett Packard Enterprise Development LPInventors: Shaun Wakumoto, Freeman Yufei Huang, Tomas Navarro, Nam Soo Kim, Bruce E Lavigne, Jechun Chiu, Sebastien Tandel
-
Patent number: 10341389Abstract: In some examples, a system receives a context of an application to request a set of network traffic, the context including a requested behavior of a service enabled by the application, and provides a policy to a network device of a network, the policy to regulate the set of network traffic based on the context, the policy provided to the network device to cause the network device to route the set of network traffic based on applying the policy, the routing comprising forwarding the set of network traffic to a destination or denying transmission of the set of network traffic to the destination.Type: GrantFiled: July 23, 2018Date of Patent: July 2, 2019Assignee: Hewlett Packard Enterprise Department LPInventors: Bryan Stiekes, Sebastien Tandel, Jechun Chiu
-
Patent number: 10148459Abstract: Network service insertion includes determining a tunnel interface corresponding to a service entity to which an incoming packet is to be directed, the tunnel interface being determined based on software defined network (SDN) flow rules. Further, the incoming packet can be encapsulated based on a tunnel configuration corresponding to the tunnel interface to generate an encapsulated packet such that the encapsulated packet includes media access control (MAC) address headers and a virtual local area network (VLAN) tag associated with the incoming packet. The encapsulated packet can be sent to the service entity through the tunnel interface for network service insertion.Type: GrantFiled: April 29, 2014Date of Patent: December 4, 2018Assignee: Hewlett Packard Enterprise Development LPInventors: Jechun Chiu, Venkatavaradhan Devarajan, Duane Edward Mentze, Craig Joseph Mills
-
Publication number: 20180332081Abstract: In some examples, a system receives a context of an application to request a set of network traffic, the context including a requested behavior of a service enabled by the application, and provides a policy to a network device of a network, the policy to regulate the set of network traffic based on the context, the policy provided to the network device to cause the network device to route the set of network traffic based on applying the policy, the routing comprising forwarding the set of network traffic to a destination or denying transmission of the set of network traffic to the destination.Type: ApplicationFiled: July 23, 2018Publication date: November 15, 2018Inventors: Bryan Stiekes, Sebastien Tandel, Jechun Chiu
-
Patent number: 10044760Abstract: In one implementation, an example system may include a policy engine. The policy engine may receive a context of an application to request a set of network traffic and provide a policy rule to a network device of a network path. In another implementation, an example system may identify a party and a requested behavior of the service and maintain a context to determine a policy rule to regulate a set of network traffic associated with the service based on the party and the requested behavior. In another implementation, an example method may comprise receiving a service request and an authentication, identifying a party, identifying a behavior, and deploying a policy to a network device of a network based on the party and the behavior.Type: GrantFiled: December 4, 2013Date of Patent: August 7, 2018Assignee: Hewlett Packard Enterprise Development LPInventors: Bryan Stiekes, Sebastien Tandel, Jechun Chiu
-
Publication number: 20180063084Abstract: Examples include a network device to filter a packet for a packet type. The network device includes a filter to receive the packet and to determine whether the packet is a defined packet type. The network device also includes a Bloom filter to receive the packet from the filter based on the determination that the packet is a defined packet type and to determine whether the packet is a matched packet or an unmatched packet. A processing resource of the network device may receive the packet from the Bloom filter based on the determination that the packet is a matched packet and to determine whether the packet is an exact match.Type: ApplicationFiled: September 1, 2016Publication date: March 1, 2018Inventors: Shaun WAKUMOTO, Freeman Yufei HUANG, Tomas NAVARRO, Nam Soo KIM, Bruce E. LAVIGNE, Jechun CHIU, Sebastien TANDEL
-
Publication number: 20170142132Abstract: An example of a computing system is described herein. The computing system includes a network switch configured to direct network traffic. The computing system also includes a network device to receive the network traffic. The computing system further includes a controller coupled to the network switch. The controller is to monitor network traffic in the network switch and generate a policy to instruct the network switch in selecting a portion of the network traffic to direct to the network device.Type: ApplicationFiled: June 10, 2014Publication date: May 18, 2017Inventors: Joseph A. CURCIO, Jechun CHIU, Bruce E. LAVIGNE, Wei LU, Shaun WAKUMOTO, Mauricio SANCHEZ, Matthew LASWELL
-
Publication number: 20170142071Abstract: An example of a computing system is described herein. The computing system includes a plurality of network security devices. The computing system also includes a network switch configured to direct network traffic. The computing system further includes a controller coupled to the network switch. The controller is to instruct the network switch in directing network traffic to the plurality of network security devices.Type: ApplicationFiled: June 10, 2014Publication date: May 18, 2017Inventors: Joseph A. CURCIO, Jechun CHIU, Bruce E. LAVIGNE, Wei LU, Shaun WAKUMOTO, Maurcio SANCHEZ, Matthew LASWELL
-
Publication number: 20160352538Abstract: Network service insertion includes determining a tunnel interface corresponding to a service entity to which an incoming packet is to be directed, the tunnel interface being determined based on software defined network (SDN) flow rules. Further, the incoming packet can be encapsulated based on a tunnel configuration corresponding to the tunnel interface to generate an encapsulated packet such that the encapsulated packet includes media access control (MAC) address headers and a virtual local area network (VLAN) tag associated with the incoming packet. The encapsulated packet can be sent to the service entity through the tunnel interface for network service insertion.Type: ApplicationFiled: April 29, 2014Publication date: December 1, 2016Inventors: Jechun CHIU, Venkatavaradhan DEVARAJAN, Duane Edward MENTZE, Craig Joseph MILLS
-
Publication number: 20160308905Abstract: In one implementation, an example system may include a policy engine. The policy engine may receive a context of an application to request a set of network traffic and provide a policy rule to a network device of a network path. In another implementation, an example system may identify a party and a requested behavior of the service and maintain a context to determine a policy rule to regulate a set of network traffic associated with the service based on the party and the requested behavior. In another implementation, an example method may comprise receiving a service request and an authentication, identifying a party, identifying a behavior, and deploying a policy to a network device of a network based on the party and the behavior.Type: ApplicationFiled: December 4, 2013Publication date: October 20, 2016Inventors: Bryan Stiekes, Sebastien Tandel, Jechun Chiu
-
Publication number: 20150058985Abstract: A network access apparatus includes a processor and an interface to receive a plurality of packets that originate from a client device. The apparatus also includes a network access module that is to perform a forwarding function on the plurality of packets, to determine whether the received plurality of packets comprise a predetermined type of communication, and to instruct the control module to analyze the plurality of packets in response to the plurality of packets being determined as comprising the predetermined type of communication. The apparatus further includes a control module that is to determine a feature of the plurality of packets received from the network access module, to determine whether the feature matches a configuration of a plurality of predetermined configurations, and to perform a predefined action on the plurality of packets in response to the feature matching the configuration.Type: ApplicationFiled: April 30, 2012Publication date: February 26, 2015Applicant: Hewlett-Packard Development Company, L.P.Inventors: Mauricio Sanchez, Jechun Chiu, Charles F. Clark
-
Publication number: 20140282867Abstract: Data can be stored, at a network device, in a device local reputation score cache. The data can include a reputation score for a domain name. The network device can receive a domain name system (DNS) data unit and determine if a domain name in the DNS data unit has a reputation score stored in the device local reputation score cache.Type: ApplicationFiled: March 15, 2013Publication date: September 18, 2014Applicant: Hewlett-Packard Development Company, L.P.Inventors: Byung Kyu Choi, Duane E. Mentze, Jechun Chiu